Credit card data of 17K ICICI Bank users exposed; bank blocks cards, assures compensation


New Delhi, Apr 25 (IANS): After credit card data of at least 17,000 new ICICI Bank customers was exposed and reached "wrong users", the bank said on Thursday that it has blocked these cards and is issuing new ones to the customers.

The issue surfaced after some ICICI Bank customers voiced concerns on social media about the bank's iMobile Pay app exposing credit card details, including their full number and card verification value (CVV).

On the finance-related forum Technofino, several users reported seeing sensitive data such as the full card number, expiry date, and CVV of unknown customers’ credit cards of some users suddenly on their iMobile Pay app.

In a statement to IANS, the ICICI Bank spokesperson said that it came to their notice that "about 17,000 new credit cards which were issued in the past few days were erroneously mapped in our digital channels to wrong users".

"No instance of misuse of a card from this set has been reported to us. However, we assure that the Bank will appropriately compensate a customer in case of any financial loss," the spokesperson added.

According to the bank, the number of impacted credit cards constituted "about 0.1 per cent of the bank’s credit card portfolio".

"As an immediate measure, we have blocked these cards and are issuing new ones to the customers. We regret the inconvenience caused," said the ICICI Bank spokesperson.

One of the users wrote on Technofino: "I have access to someone else’s Amazon Pay CC due to a security glitch on the iMobile app. Although OTP restricts domestic transactions, I can do international transactions using the details from the iMobile app."

The iMobile Pay app, launched in 2008, has more than 28 million users.

 

  

Top Stories


Leave a Comment

Title: Credit card data of 17K ICICI Bank users exposed; bank blocks cards, assures compensation



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.